Disable Windows Authentication On Single Location?
Mar 7, 2011
I have a web application and I want to provide anonymous access to a couple of the web services in it so that we can access the web services from computers without a windows login on our network.
I've tried the stuff here Disable authentication on subfolder(s) of an ASP.NET app using windows authentication. I've done this:
[Code]....
These both "work" in that they allow access to the web service for anonymous users. However, it seems that IIS still sends an authorization challange because when I access the service from a browser I get a box to enter my username and password. If I hit cancel I get access to the page anonymously. However, some of our clients don't handle this well and just fail because of the 401 return code.
Is there a way to completely disable the windows authentication on that single location such that IIS will not try and establish a windows authentication?
I set authentication mode to Windows in the web.config and I enable Windows Authentication and disable the Anonymous Authentication in IIS 7 on win 7, but HttpContext.Current.User is always null.It works fine when I host the web app in IIS 6.0.
I am trying something apart of my boundries, is there any way to disable a single intem in dropdownlist or stop the ddl change event for a single item.
Just going to start making a web application and was wondering which was better, or at least what are the main differences between them (as it probably matters what I am using them for)?
Here comes the noob question of the day... along with a little background to give the best possible response.I have been working with Intranet asp.net/vb project. A few (3 - 5) .aspx pages had been created before the project was handed down to me, along with a DataAccess module and a ReportTools module (both of these modules are located in the App_Code directory. Things are starting to get slightly more large-scale now, with a dozen or so pages, and I'm looking for the best way to organize my files, classes and modules.
I have a single .aspx and .aspx.vb webpage that needs a specific class to be implemented which will hold values accross post back. This class will only be used within this specific page, no where else. I could create this module (or class) within the App_Code directory, but it would seem better to have this class file located in a folder with the implementing page. An example would be (using the attached screenshot below) having a folder within "Merchandising", which will be titled "SalesRecapByDate" and within this folder will exist the SalesRecapByDate.aspx and SalesRecapByDateData.vb (my class/module). Only problem with this, I cant figure out how to import the class/module into my .aspx.vb page.So my question!! Would it be best to:A) Have a folder within the "Merchandising" directory, to hold my page and its corrosponding class?B) Create sub folders within App_Code to organize things a little better according to how / where they are used
I have just installed SQL Server 2005. I selected windows mode authentication. I am not able to login in management studion. Now, I want to use mixed and server authentication option inplace of windows authentication. so, would that be possible after installation.
I have been trying to avoid the windows login userid and password window when I use the Windows Authentication mode for a web site. I need to capture the the windows logon user name without prompting for the user id and password and display that on the web site. I had tried almost everything... changed authentication,security setups on IE and IIS etc... still not being able to avoid the window...
I'm trying to enable automatic Window authentication working on our ASP.NET Intranet. I've changed the Authentication on our IIS 7.5 server from Anonymous to Windows Authentication Enabled only, and changed the Web.config file for the website to:
The Windows login box appears when accessing the website via IE 8, I enter valid credentials, but the login window keeps reappearing as if it does not accept my credentials. By repeatedly cancelling the login box it disappears, and my login name can be viewed on the website. Is there any possible reason for the login box to keep popping up even though valid credentials are being entered? I've restarted the servers / cleared browser cache etc. Also, ideally I would like the user to enter the login details once in the login box and not be required to reenter login details whenever he reopens the browser.
I have a web application (intranet based) which uses Windows Authentication. Unfortunately there are public computers that have public logins at some company locations. My web app doesn't support these public logins because I need to know the user workingSo, even though these public users are windows authentication users, my app will fail because I have no user account setup for that particular account. I want to then try Active Directory Authentication.In my Default.aspx.cs I'd have something like this
protected void Page_Load(object sender, EventArgs e) {try userContext = new UserContext(); // If the authenticated user isn't a user in my system then throw an exception } [code]...
We have a working version of application (Intranet) with uses Windows Authentication deployed in Windows 2003. The application uses HttpContext.Current.User.Identity.Name to get the logged-in user. Here impersonate is turned off.Right now, we are move to Windows 2008 RC2 where this Windows Authentication problem arised. I have Digest Authentication and Windows Authentication enabled. And also I have enabled Anonymous Authentication enabled to avoid the Login dialog of IIS in the end-user IE. Now I am getting HttpContext.Current.User.Identity.Name as Empty. When I impersonate using username and password, I am used to login using that user but all the users uses the same user to login.Does any has solution for this?Deployment Server - Windows 2008 RC2 (IIS 7.5)Development - Windows 7 (IIS 7.5)I am new to IIS 7.5. Please give me a solution
My overall goal is just to get the logged on users information for an Intranet site I'm developing without them providing their login (since they are already logged into their computer). So far I just get 401.1 errors and it keeps asking for my login/password. Even though I provide my login/password, it still won't let me in.
I've Enabled Windows Authentication from IIS > Sites > Default Web Site, added this to my web.config:
I've been asked to convert an asp.net application from forms authentication with roles using the aspnetdb database to use windows authentication instead.
what is required to do this? can I still use the roles defined in the app and stored in aspnetdb?
I have an (ASP.NET 3.5) intranet application which has been designed to use forms authentication (along with the default aspnet membership system). I also store additional information about users in another table which shares its primary key with the aspnet_users table.
For users who are part of our domain I store their domain account name in the secondary users table, and I want to automatically log in users whose domain account name matches a name stored in the table.
I have read the guides which are available - they're all from two years ago or more and assume that you are able to activate Windows Authentication on a separate login page that allows you to extract the domain account name. From what I can tell, though, this is not possible in IIS7 (the overall authentication method is applied on all pages and cannot be selectively deactivated, and both authentication methods can't be applied on the same page).
Is there a way of getting IIS to pass through the windows domain account name of the requesting user? I don't need proper AD authentication, just the domain name.
I know practically nothing about AJAX, but fully intended to utilize it in the future. Right now though I am noticing a behavior that may require that I implement it sooner then I planned.
I have been working on a fairily sophesticated web form that is made up of tables, dropdown lists, map buttons, and labels. As various controls are selected, specific tables are enabled or dropdowns/labels populated with information. All of this is working great, but when I put it all on a server and accessed it from a remote location, I noticed that every single action caused the entire page to reload.
From what I have read, it looks like AJAX and the UpdatePanel control will allow me to only refresh those areas that should be refreshed. Before I look further into implementing this, is this the only way to go? From what I have read on some other blogs, the UpdatePanel has some high performance costs.
I know this is a very debated topic, and usually when you are thinking about this as a solution you might want to rethink your UI logic.
I know I can pass validation using ClientScriptManager.RegisterForEventValidation. But, I'd really like to know. Is it possible to remove event validation for a single control? Is there a way work around for this?
I'm modifying a DropDownList, from the client side after it's rendered.
I currently cache everything possible on my site (images, JS, CSS). There is only one JS file that I need to be loaded fresh every single time. How do I omit just one file from caching, using web.config, whilst leaving everything else cached?
Note that I tried another link here, and it didn't seem to stop the caching of my file: How do I disable caching of an individual file in IIS 7 using weserver config settings
,Second and Third applications are accessed throught the first,So Authentication (form authentication) is happening from the first application only , all are deployed on same IIS with seperate virtual directory
Like
1.Localhost/EmpMananger
1. Localhost/Hr
2.Localhost/Payroll
, I used the same Entires in both <machineKey> and <forms> Elements in webconfig file of all applications,
Applications are working fine and Page.User.Identity are available in all applications but once loginUrl and defaultUrl entry is changed to actual name other than localhost
Eg: localhost/EmpManager/default.aspx To myserver/EmpManger/default.aspx
the authentication ticket is not available in second and third applicaiton
I have this tutorial on Single Sign On with forms authentication.The following link:
[URL]
I did item number 1 which is "SSO for parent and child application in the virtual sub-directory" and it works fine BUT I can't seem to stay logged in because each time I leave and reenter the application I get redirected to the login page.
Is this an inherent feature of forms authentication?
What happened to authorized cookie generated by forms authentication?
While waiting for responses, I will look for answers.
